BSides Glasgow 2018 - Jordan Schroeder - Can we be mature about this?

Talk delivered at BSides Glasgow 2018, on the 27th of April. Abstract - "When I became the acting CISO for 20 Universities and Colleges, instead of securing new innovations, I needed to secure the operations of long runnning institutions., in some cases more than 500 years old. They did not need to do new things in a secure way, they needed to do very old things in a way that recognised that threats have been innovating at a break-neck speed. This is my story about how I learned to use maturity models to change attitudes, implement change, and see risk in new ways. I will also show how to employ maturity models in any institution to kick-off continual improvement, and how to assess the security an organisation, not just from a checklist, but from a holistic view."